How Law Enforcement Gets Around Your Smartphone's Encryption
ItemDate=2021-04-08 00:55:25 Status=publish
#Discussion(Security) [ via IoTGroup ]
Lawmakers and law enforcement agencies around the world encryption/">including in the United States have increasingly called for backdoors in the encryption schemes that protect your data arguing that national security is at stake. But new research indicates governments already have methods and tools that for better or worse let them access locked smartphones thanks to weaknesses in the security schemes of Android and iOS.
The researchers have dug into the current mobile privacy state of affairs and provided technical recommendations for how the two major mobile operating systems can continue to improve their protections. “It just really shocked me because I came into this project thinking that these phones are really protecting user data well ” says Johns Hopkins cryptographer Matthew Green who oversaw the research. So why do we need a backdoor for law enforcement when the protections that these phones actually offer are so bad?” Before you delete all your data and throw your phone out the window though it's important to understand the types of privacy and security violations the researchers were specifically looking at. Even if someone stole your phone and pulled the data off it they would only see gibberish.
Decoding all the data would require a key that only regenerates when you unlock your phone with a passcode or face or finger recognition. And smartphones today offer multiple layers of these protections and different encryption keys for different levels of sensitive data. With all of that in mind the researchers assumed it would be extremely difficult for an attacker to unearth any of those keys and unlock some amount of data. When an iPhone has been off and boots up all the data is in a state Apple calls “Complete Protection.” The user must unlock the device before anything else can really happen and the device's privacy protections are very high. You could still be forced to unlock your phone of course but existing forensic tools would have a difficult time pulling any
Read More.. AutoTextExtraction by Working BoT using SmartNews 1.0399999999 Build 04 April 2020